Slashdot Mirror

← Back to Stories (view on slashdot.org)

Eric Schmidt, Jared Cohen Say Google Data Now Protected From Gov't Spying

Posted by timothy on from the now-how-to-effectively-test? dept.

An anonymous reader writes "Google's Eric Schmidt and Jared Cohen were [part of a] wide-ranging session at SXSW today and they revealed that Google's data is now safely protected from the prying eyes of government organizations. In the last few days Google upgraded its security measure following revelations that Britain's GCHQ had intercepted data being transmitted between Google datacenters, Schmidt said that his company's upgrades following the incident left him 'pretty sure that information within Google is now safe from any government's prying eyes.'"

93 of 155 comments (clear)

  1. Liar by Anonymous Coward · · Score: 1, Funny

    Eric Schmidt likes to lie........don't believe anything from his mouth!!

    1. Re:Liar by Anonymous Coward · · Score: 3, Insightful

      That's being a little harsh.

      He says what the letters from Obama tell him to say.

    2. Re:Liar by Curunir_wolf · · Score: 1

      Eric Schmidt likes to lie........don't believe anything from his mouth!!

      Oh, come, come, that cannot be true. I think what you mean is "he lies when the truth will do."

      --
      "Somebody has to do something. It's just incredibly pathetic it has to be us."
      --- Jerry Garcia
    3. Re:Liar by phrostie · · Score: 1

      Is he given incentive to lie?

      http://tech.slashdot.org/story...

    4. Re:Liar by houstonbofh · · Score: 5, Insightful

      There is a very broken, hazy line between marketing and lying.

      I thought they were synonyms...

    5. Re:Liar by jd2112 · · Score: 4, Funny

      There is a very broken, hazy line between marketing and lying.

      I thought they were synonyms...

      If you are trying to sell something it's marketing. Otherwise it's lying.

      --
      Any insufficiently advanced magic is indistinguishable from technology.
    6. Re:Liar by antdude · · Score: 1

      He is a human. All humans lie. :(

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    7. Re:Liar by rtb61 · · Score: 1

      Not so much a lie as leaving out a bit of the truth, "Google data now protected from 'FREE' government spying", see just one word accidental left out and really even when the word is left out it is accurate, as it is only 'SPYING' when they don't pay for access. When Google sell you data, the means by which they make their profit, the government is just buying like any other marketing agency. The government just wants to send government marketing representatives to your door to provide you with offers if you are the right targeted group. Something to hide and willing to spy on your fiends and neighbours or just perhaps that you need some friendly advice to know how to speak right or to vote right. Just looking after you and your families interests, wouldn't want to them or yourself to come to any harm.

      Now that is exactly what mass spying has always been about, control.

      --
      Chaos - everything, everywhere, everywhen
  2. Safe just from prying eyes? by CRCulver · · Score: 5, Insightful

    Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly asks for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

    1. Re:Safe just from prying eyes? by thaylin · · Score: 3, Interesting

      Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly pays for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

      FTFY

      --
      When you cant win, ad hominem.
    2. Re:Safe just from prying eyes? by CRCulver · · Score: 1

      Geez, "between it wants" should read "because it wants".

    3. Re:Safe just from prying eyes? by fred911 · · Score: 1

      Have we seen any "evil" that wasn't via warrant yet?

      --
      09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
    4. Re:Safe just from prying eyes? by slack_justyb · · Score: 1

      Not just getting friendly with local government, but I'm pretty sure Google will take the always wonderful stance of "secure forever". Time is always on the government's side and given enough time, all static security is rendered useless.

      Unless Google plans to review their "security" on a pretty regular basis. Someone with enough money and enough time (pretty much any country's government and a few private citizens too) will eventually break into what is pretty much the Fort Knox (having large amounts of information, not the security part) of people's information.

    5. Re:Safe just from prying eyes? by Frobnicator · · Score: 4, Insightful

      Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly pays for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

      FTFY

      ...that also has the power to jail anyone, including corporate executives, for undisclosed national security reasons and undisclosed duration if they fail to cooperate?

      --
      //TODO: Think of witty sig statement
    6. Re:Safe just from prying eyes? by Anonymous Coward · · Score: 1

      Safe from eyes is an issue, with the NSA asserting that collecting allllll the data for computer analysis is perfectly fine and they only need permission to have a human look at it.

    7. Re:Safe just from prying eyes? by louarnkoz · · Score: 5, Interesting
      Governments can indeed ask for some data, using subpoena or in the case of the US "National Security Network." But for that, they have to actually ask, and the request has to be targeted, naming for example a specific individual. The NSA and the GCHQ were not content with that, they wanted to grab "everything," so instead of the legal channels they used a hack. The hack was to spy on the internal network of Google, and of other services as well, because these internal exchanges were not encrypted.

      According to Eric Schmidt, now they are. This is absolutely good news. It is also exactly what the Electronic Frontier Foundation is asking web services to do. You can check the relative state of Google and other services according to the EFF at: https://www.eff.org/deeplinks/....

    8. Re:Safe just from prying eyes? by Anonymous Coward · · Score: 2, Informative

      Yes, and plenty of direct evidence that they're doing things illegally and then faking up a legal investigation based on that evidence. Which is, itself, illegal.

    9. Re: Safe just from prying eyes? by Anonymous Coward · · Score: 1

      Google's business model is based on selling data about you. They won't give users the ability to encrypt that data. And if they can see the data, so can the government.

    10. Re:Safe just from prying eyes? by Opportunist · · Score: 2

      They don't play preferences with governments.

      They sell your data to everyone willing to pay.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    11. Re:Safe just from prying eyes? by Opportunist · · Score: 2

      They don't need perfect security. All they need is security that's more expensive to penetrate than to pay them to hand over the data.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    12. Re:Safe just from prying eyes? by LVSlushdat · · Score: 1

      With the current government (and the last couple also) the "rule of law" is dead.. not just on life support, but dead and begining to smell....

      --
      THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
    13. Re:Safe just from prying eyes? by cnkurzke · · Score: 2

      The former CEO of QWest kindly disagrees. His life was ruined (including 10yrs in jail) for not following orders from the NSA. http://www.atlassociety.org/br...

    14. Re:Safe just from prying eyes? by Anonymous Coward · · Score: 2, Interesting

      I think this is a less biased account
      http://en.wikipedia.org/wiki/J...

    15. Re:Safe just from prying eyes? by AnonymousCoward1998 · · Score: 2

      As long as they want to keep paying near zilch in taxes, they will comply. Besides, they don't need prying eyes when they have direct access.

    16. Re:Safe just from prying eyes? by swillden · · Score: 3, Interesting

      Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly asks for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

      Governments can ask, and Google will say "No, please come back with an order."

      Governments can order, and Google will comply, as long as the order was issued by proper authority, isn't excessively broad, etc. And then Google will add the order, and the number of accounts it affects, to the next transparency report.

      That's not perfect, but it's much, much better than the government being able to snarf all the data with no accountability at all.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    17. Re:Safe just from prying eyes? by CRCulver · · Score: 1

      Governments can ask, and Google will say "No, please come back with an order."

      How do you know Google will say, "No, please come back with an order?" What if Google only tells the public that it insists on the government presenting a lawfully issued court order, but in fact it secretly gives the government whatever information wants? Speculation that Google is deeply implicated with the US government has been going around for over a decade now.

    18. Re:Safe just from prying eyes? by interkin3tic · · Score: 1

      Four years, actually. It hasn't been ten years since 2007, when he was convicted, nor has it been a decade 2009 when he exhausted his appeals and turned himself in. And no one is disputing that he dumped tens of millions of dollars worth of his stock right before the government backed out of contracts. It sounds like he was actually guilty of insider trading even though he was a good guy in terms of saying no to the NSA.

    19. Re:Safe just from prying eyes? by swillden · · Score: 3, Interesting

      Governments can ask, and Google will say "No, please come back with an order."

      How do you know Google will say, "No, please come back with an order?" What if Google only tells the public that it insists on the government presenting a lawfully issued court order, but in fact it secretly gives the government whatever information wants? Speculation that Google is deeply implicated with the US government has been going around for over a decade now.

      How do I know? Well, (a) Google's leadership says so and AFAICT there is no law that allows the government to compel them to lie, publicly or internally and in fact there are laws that make it a crime for executives of publicly-traded companies to lie about issues which could affect the stock price (which this definitely does!); (b) as a Google employee who manages sensitive user data I have some visibility into how requests for that data are handled; and (c) as someone who is familiar with Google culture I find it inconceivable that such a thing could be happening on any kind of significant scale without being outed -- like most of silicon valley, and like geeks in general, Googlers tend to be pretty iconoclastic and anti-authoritarian.

      Speculation that Google is deeply implicated with the US government has been going around for over a decade now.

      If the speculation has been floating around that long, without a shred of evidence to support it in spite of the large-scale conspiracy that would be required to keep all such evidence suppressed, I think that's pretty compelling evidence that it's not true. You can never completely prove a negative, of course, but you can asymptotically approach certainty.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    20. Re:Safe just from prying eyes? by aztracker1 · · Score: 1

      Not to mention the fact that email traffic going in and out of google is crossing over network infrastructure that is tapped, and unencrypted... it's not like the NSA doesn't already have pretty much everything it wants.

      --
      Michael J. Ryan - tracker1.info
    21. Re:Safe just from prying eyes? by Anonymous Coward · · Score: 1

      This is why they're pushing so hard on https for search, gmail, etc. as well as encrypting everything internally.

    22. Re:Safe just from prying eyes? by Anonymous Coward · · Score: 1

      Then it's a good thing you can look through the history of changes.

    23. Re:Safe just from prying eyes? by tlhIngan · · Score: 1

      Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly asks for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

      No, all Google did was protect the data against FREE access.

      Remember Google's in the business of selling user information. Government access for free isn't in the business plan. So they closed the loophole that allowed it.

      Now the government needs to pay for it. Like everyone else. Yes, the same information the government asks for is probably for sale by Google freely on the open market. You just have to pay for it.

    24. Re:Safe just from prying eyes? by Anonymous Coward · · Score: 1

      there is no law that allows the government to compel them to lie, publicly or internally

      Are you F'ing kidding me? Have you not been paying ANY attention to whats been going on lately? They've been making companies provide certain info and using National Security Act crap to make it illegal for them to tell ANYONE.

    25. Re:Safe just from prying eyes? by the+grace+of+R'hllor · · Score: 2

      "They wouldn't dare" is not a long term argument with a government that is increasingly using the methods of totalitarian states.

    26. Re:Safe just from prying eyes? by u38cg · · Score: 1

      How do you know

      You don't and can't, and if that's a problem for you, you don't use Gogle services. Next!

      --
      [FUCK BETA]
    27. Re:Safe just from prying eyes? by CRCulver · · Score: 1

      You don't and can't, and if that's a problem for you, you don't use Gogle services.

      Google collects data (and potentially passes it on to the US government) on more than just those who choose to use its services, as Google Analytics is included in the Javascript package of a great many sites, one might send an e-mail to a gmail.com address, etc. Telling something that they are safe if they don't use Google services is essentially telling someone to give up on use of the internet entirely.

    28. Re:Safe just from prying eyes? by u38cg · · Score: 1

      Rubbish.

      --
      [FUCK BETA]
    29. Re:Safe just from prying eyes? by AmiMoJo · · Score: 1

      On paper they could lock Schmidt up, but in practice they would want to avoid that kind of press and the almost infinite legal resources that would be used against them. Normally the rich and powerful being above the law is a bad thing, but in this case it happens to work in our favour.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    30. Re:Safe just from prying eyes? by AmiMoJo · · Score: 1

      Citation? I see this claim made a lot on Slashdot but have yet to see any evidence that they sell personal data to anyone. They sell advertising space targeted based on keywords and general demographics, but that is rather different to selling access to your gmail account or private photos.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. Yeah right by Ubi_NL · · Score: 3, Insightful

    Seriously is there anyone that would actually believe such a statement?

    --

    If an experiment works, something has gone wrong.
    1. Re:Yeah right by Anonymous Coward · · Score: 1

      Of course. You just have to read carefully.

    2. Re:Yeah right by Anonymous Coward · · Score: 2, Informative

      the NSA employees working for google wont...

    3. Re:Yeah right by phantomfive · · Score: 1, Interesting

      Let's assume that he's only talking about unauthorized data leakage, not cases where he gives the data away. Because we know he does that.

      In that case, should we believe him? The answer is no. If you want to make sure your data is safe, you need to close all exploits in your code (we're just talking about the easy part here, not the social engineering). If someone says, "I'm pretty sure my code is safe" you know he's wrong, because he hasn't gone through the effort necessary to make the code secure. It's essentially the same as saying, "our code is bug free because we don't know of any bugs." Well.....

      --
      "First they came for the slanderers and i said nothing."
    4. Re:Yeah right by Opportunist · · Score: 1

      Of course. It's in their own best interest to ensure governments have to pay for the data like everyone else.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    5. Re:Yeah right by StormReaver · · Score: 1

      Seriously is there anyone that would actually believe such a statement?

      Yes, they are called "Cloud Users". These people are as dumb as dumb gets.

    6. Re:Yeah right by swillden · · Score: 3, Interesting

      Seriously is there anyone that would actually believe such a statement?

      I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    7. Re:Yeah right by phantomfive · · Score: 1

      The people at L4 don't say, "I'm pretty sure my code is safe."
      They say, "we proved it."
      That's the key difference.

      --
      "First they came for the slanderers and i said nothing."
    8. Re:Yeah right by psydeshow · · Score: 1

      Seriously is there anyone that would actually believe such a statement?

      I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.

      And can you likewise assure yourself that even if one or more of your colleagues is an undercover government agent, then the statement is still true?

  4. Just a detail missing by zufar · · Score: 1

    He did not mention which government.

  5. PRISM program by Anonymous Coward · · Score: 1

    Buffoons, do you really think that we've already forgotten PRISM? That wasn't "hacking" by GHCQ or NSA. It was cooperation with them.

  6. Nonsense by markdavis · · Score: 3, Insightful

    >"they revealed that Google's data is now safely protected from the prying eyes of government organizations. "

    That is nonsense. The NSA could probably STILL access the information if they want to (and likely will) or Google can be compelled to reveal it with a super secret demand order, or even a regular warrant.

    No information that is ever collected is ever "safe" from prying eyes. And even Google having the information is certainly nothing to be comfortable about. They have ENOUGH information about consumers already... certainly enough to be creepy.

    1. Re:Nonsense by swillden · · Score: 2

      The NSA could probably STILL access the information if they want to

      Sure, they could resort to rubber-hose cryptanalysis, targeting key Google employees. If it were to come out, though, it would make the Snowden leaks look very, very mild. As one of said key Google employees (I work on security infrastructure), I've been given to understand that if I am ever approached in any way by the government, I am to immediately consult with Google legal counsel, and that any request that I not talk to counsel would be illegal (I think it would violate the constitutional guarantee of due process).

      or Google can be compelled to reveal it with a super secret demand order, or even a regular warrant.

      Certainly, as long as the order or warrant is issued by the appropriate court, is not excessively broad, etc., and then Google will add it to the statistics for the transparency report.

      No information that is ever collected is ever "safe" from prying eyes.

      In an information-theoretic sense that is undoubtedly true. In that sense, though, I'd argue that nothing that touches a networked computer is safe.

      And even Google having the information is certainly nothing to be comfortable about.

      YMMV, of course, but I actually am pretty comfortable with it. Of course, I have visibility into how Google manages user data, which helps. There is the possibility that a future version of Google may behave differently, but I think that possibility is at least a decade or two away, because I think it would take that long for the company's culture to change enough to make it possible.

      They have ENOUGH information about consumers already... certainly enough to be creepy.

      Perhaps. I think the general belief about what data Google has overstates the reality by a wide margin, and further even where it's accurate it overstates Google's (current) ability to actually make use of the data.

      In any case, if you're concerned with it, Google provides you with the tools to opt out. I encourage you to use them. Personally, I turned on web history, location history, route all of my email through gmail, use Hangouts for SMS, etc., etc. I find the value I get from the services to outweigh the risk I perceive. If you see that balance differently, you should act accordingly.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    2. Re:Nonsense by markdavis · · Score: 1

      Thanks for the thoughtful and informative response. I did opt out of most of the stuff; have location tracking off, disabled Google +, Google Play Music, Books, Magazines, Games, Video, Hangouts, etc; use Startpage for most searches, use Firefox not Chrome, have Now turned off. Only occasionally use Gmail but I love Google Maps and Play Store.

      In any case, I tend to be a pessimist and skeptic about such things, especially when I have no real proof that "opting out" really does anything. It is nice to hear someone a bit more on the "inside" that relays positive info.

    3. Re:Nonsense by swillden · · Score: 1

      You're welcome. I don't have any way to prove it, of course, but I can tell you that the opt outs do exactly what they say they do, as do the "delete my data" options on the dashboard. I've been somewhat involved in the latter and I know people who work on the opt outs. They take it very seriously. Google wants to offer you such a compelling value proposition, which means providing good services plus taking good care that your data is only used in appropriate ways, that you want to give your data. And if you don't want the deal, Google really doesn't want to track you.

      Actually, with respect to proving it consider this: Google is operating under the terms of a 20-year consent decree with the FTC around privacy issues arising from the Buzz fiasco, which includes regular third-party audits. Were Google to be found to be failing to fulfill any of the privacy terms it offers user, the company would be in big trouble. The fact is that the culture is very pro-privacy and pro-user control, so in fact the consent decree doesn't make much difference in how Google acts... but even if you don't believe that, there is oversight.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  7. this is a lie.. by strstr · · Score: 1

    Because he cannot even disclose his backdoor deals with the government to provide access willingly.

    Also black operations methods to intercept the data via satellite and radar still exist, by observing computer and electro emissions from cables over long-range. They call this technique Van Eck Phreaking: http://en.wikipedia.org/wiki/V...

    Observe the TEMPEST emissions standards of NSA/DOD themselves, to get an idea of what signals can be remotely observed (virtually any signal can be, and they're very paranoid about unshielded cables, unshielded monitors, and unshielded computer systems): http://en.wikipedia.org/wiki/T...

    On top of that, surveillance methods using radar and satellite mind reading are wide spread, allowing them to extract passwords, what you see and hear and think and dream, and more. All the information we use to secure the data centers and our personal accounts is available and unsecure in our minds, giving them direct access using the TAMI system, "Thought Amplifier and Mind Interface," patented by Robert Malech in 1974, deployed by the NSA and DOD in 1976, and owned by EDO Corporation (now defunct and owned by ITT Corporation): http://en.wikipedia.org/wiki/I... Yes, understandably, they don't need access to Google to steal our Google data, they can get it from our minds or by remotely watching us, as well. But lets say they want to prank and hack Google, yeah they can do that.

    Robert Malech's patent is defunct but the patent and knowledge and systems obviously passed down through EDO Corporation to ITT Corporation, and Raytheon today owns other types of radar and directed-energy and remote imaging patents related. Malech's original patent, at http://patft.uspto.gov/netacgi...

    Raytheon's radar remote imaging and remote targeting patent for technology very similar, but perhaps covers more of the electronic systems targeting (in addition to human targeting, for slow-kill and other directed-energy abuses, plus systems hacking/tampering): http://patft.uspto.gov/netacgi...

    More details brought to light by CIA, DOD, and US DOJ whistleblower Dr. Robert Duncan who helped invent the system, personally programming the software for various Navy systems and US DOJ satellite systems for "tracking heart rate, breathe, and license plates from space." He has a PhD and several degrees from Harvard, Darthmouth, MIT, and has also worked for several fortune 500s. He has personally seen brain images from TAMI and helped invent these weapons systems. Details and his interviews/books at: http://www.oregonstatehospital...

    Dr. Robert Duncan's biography here: http://www.coasttocoastam.com/...

    Buy Dr. Robert Duncan's books:

    Project: Soul Catcher: Secrets of Cyber and Cybernetic Warfare Revealed : http://www.amazon.com/gp/produ...

    How to Tame a Demon: A short practical guide to organized intimidation stalking, electronic torture, and mind control : htt

    1. Re:this is a lie.. by strstr · · Score: 1

      Google should ask their engineers if they shielded their complex or not. Shielded all cables. Installed tinfoil hat, with mylar, and nu metal and an ion shield around their staffs brains. And whether or not the computers and screens are shielded. If not, all the Google data is very much still available to the NSA. lmfao.

  8. Re:More lies I would suspect by strstr · · Score: 1

    OMG, there's code in Microsoft Windows too, called NSAKEY, letting them bypass all Windows secret features and install NSA signed software code. lmfao: http://www.washingtonsblog.com...

  9. TFA by DaMattster · · Score: 1

    From the article, “pretty sure that information within Google is now safe from any government’s prying eyes.” Well, pretty sure just doesn't cut it for me.

  10. The Pudding, where is the pudding ? by giorgist · · Score: 1

    I am sure that his whole industry is based on provable metrics. So the prood is in the pudding my friend ... how can we know what you claim is true. 'pretty sure' does not go very far.

  11. "Pretty sure"? Why should we believe this? by sjbe · · Score: 3, Insightful

    and they revealed that Google's data is now safely protected from the prying eyes of government organizations.

    Does anyone actually believe this? First off we know that all the government has to do is issue a National Security Letter and Google will fold like a dish cloth. Eric Schmidt isn't about to go to jail to protect you. Second, he has every reason to publicly proclaim our data is "safely protected" in order to protect his business regardless of whether it is true. Third, he cannot possibly promise that even if he genuinely believes it because he can't prove it. Fourth, even if he could somehow be sure he's keeping the government snoops out, he won't provide anyone the access necessary to verify it.

    There are things they could say that I would believe but him being "pretty sure" that our data is safe just isn't really credible.

  12. yeah right.. by Connie_Lingus · · Score: 1

    ...unless, of course, they ask kinda nicely for it.

    then we just hand it over.

    --
    never bring a twinkie to a food fight.
  13. 3 Weeks by LifesABeach · · Score: 1

    That's about how long the NSA will take to crack it; and move on.

  14. Re:Safe just from prying eyes? Or bad Joke by Anonymous Coward · · Score: 1

    Google's Eric Schmidt and Jared Cohen were [part of a] wide-ranging session at SXSW today and they revealed that Google's data is now safely protected from the prying eyes of government organizations.

    Now what about the accusations that they were willfully co-operating behind closed doors with spying agencies? I like how the press really kept up with anything. Not only did they not bother to find that out, they didn't bother to see what safety/warnings systems are in place for a possible "tap in" of there lines. Were talking Jane and Joe public here what do they know? And would they even care?

    I'm 50/50 on what possibly took place behind the public's back, let alone these BS "request letters". Someone out there that's either a journalist, or involved in the underground should really look into all of it. Not that you could believe any of it, but it would make things more interesting.

  15. At rest, arguably...in flight, yeah right. by The+Last+Gunslinger · · Score: 1

    Assuming you believe this line, they're only providing countermeasures against data at rest or moving within their networks.

    Does anyone remember that whole "trusted proxy" thing that's creeping into the HTTP 2.0 draft spec?

    Is anyone else familiar with the MITM capabilities of a Blue Coat ProxySG device, and how widely deployed they are amongst ISPs?

    1. Re:At rest, arguably...in flight, yeah right. by SuricouRaven · · Score: 1

      The trusted proxy panic was really a scare about nothing. It's just a way to allow for HTTP(S)2 interception by a proxy which the client machine explicitly trusts and authenticates - something which is already very common practice in the corporate lan as a means of keeping the employees off of porn/facebook.

    2. Re:At rest, arguably...in flight, yeah right. by The+Last+Gunslinger · · Score: 1

      Um, no. A MITM is not necessary for corporations to keep their employees from visiting undesirable content on the internet. Content filtering does not require payload inspection to achieve. I know this because I've worked with clients who use ProxySG devices to help them construct and implement their access control policies.

      Your assertion about TP being a "scare about nothing" is incredibly naive...it's only valid if the end user provides informed consent. In practice, there are organizations that silently push their MITM CA certificate into your device/browser's truststore without giving you any opportunity to opt out...and I'm not talking about corporate owned/issued devices, I'm talking about BYOD operations.

    3. Re:At rest, arguably...in flight, yeah right. by SuricouRaven · · Score: 1

      Without content inspection, all you have to filter on is DNS and IP. Not enough - without more information the filter will have to be either ineffectual or so overzealous as to hinder work.

  16. right...because the easter bunny is the new admin by quantic_oscillation7 · · Score: 1

    right! and we are supposed to believe that just because they're saying so? is google going to break the law to support what they're saying?

    and who protects us from google?
    if they are so interested in protecting their users why not encrypt every user data with a key that only the user controls?

  17. Re:"Pretty sure"? Why should we believe this? by 93+Escort+Wagon · · Score: 4, Insightful

    I'm not a fan of Google's, but I'm not sure why people are unwilling to recognize this is a significant step in the right direction.

    Before Google took the steps necessary to ensure communications between data centers was secured, the government could (and apparently did) just slurp up everything and troll for information. Now, at least they'll need some sort of court order, which means they'll need at least a modicum of an idea what they are targeting.

    The entire government system is still deeply - maybe even fatally - flawed. Even if Obama's reforms actually take place, there's still far too much power left in the hands of the secret courts and the spy agencies. But fixing this horrible, unconstitutional mess will take time and effort. Correcting (or, in this case, interfering with) even one aspect of it is welcome news.

    --
    #DeleteChrome
  18. And we believe that why? by gweihir · · Score: 1

    Sure, spying without the cooperation of Google may have gotten a bit more expensive, but that is the best-case scenario.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  19. Gag Orders by Tokolosh · · Score: 1

    While gag orders exist, we can believe nothing from an American, or a company domiciled in America, or a country beholden to America.

    Sorry.

    --
    Prove anything by multiplying Huge Number times Tiny Number
    1. Re: Gag Orders by Anonymous Coward · · Score: 1

      A gag order is different than compelling a company to lie. There is no evidence that has ever occurred.

  20. Re:"Pretty sure"? Why should we believe this? by SuricouRaven · · Score: 2

    They say they need a court order. How do we know they havn't just issued some secret National Security Letter or FISA warrant that says 'let us sift through everything, and we'll throw you in jail if you ever tell anyone this request was made?' This assurance is better than nothing, yes - but it doesn't change the fact that if you want to be secure from prying government eyes human or automated, you just can't trust any service provider any more. The only way to be sure is to verify security at both endpoints of any conversation, and encrypt on the assumption that all intermediary hosts and routers are compromised or monitored.

  21. Time for Google to find a new home by Bruce66423 · · Score: 1

    Away from the power of the US government. Then we might, possibly, believe these comments. Till then, use American tech companies last, or to provide misinformation to them...

  22. Re:right...because the easter bunny is the new adm by SuricouRaven · · Score: 1

    Google's primary business is advertising. All the services they provide are there to service that business, either by allowing them to serve up more advertisments or by collecting data they can use to target those adverts with greater precision.

  23. Eric "you shouldn't be doing that" Schmidt by hazeii · · Score: 2

    This would be the same Eric Schmidt who said "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."?

    And now we're expected to believe him, when he says he's keeping us safe from letting anyone know what we're doing?

    He killed a lot of trust with the original comment.

    He just killed a whole lot more.

    --
    All your ghosts are just false positives.
    1. Re: Eric "you shouldn't be doing that" Schmidt by hazeii · · Score: 2

      I thought the point was clear, but to attempt to make it more so:

      Eric Schmidt stated if there was stuff we didn't want people to know, we shouldn't be doing it. (this was way before the Snowden leaks).

      He made it a clear position - don't do anything you don't want to be made public (search back for the old discussion on here about it, as I recall he didn't come out of it well).

      So now he's saying the opposite - that we can trust him with stuff we don't people to know (i.e. everything Google knows about us).

      Our opinions in how much trust to him are clearly divergent.

      --
      All your ghosts are just false positives.
    2. Re: Eric "you shouldn't be doing that" Schmidt by swillden · · Score: 1

      So now he's saying the opposite - that we can trust him with stuff we don't people to know (i.e. everything Google knows about us).

      I think you're overstating what he's saying. He's saying that the government can't get access to the stuff we don't want people to know without getting an appropriate court order. That's not inconsistent with suggesting that if there's stuff you don't want people (the government) to know, then you shouldn't be doing it... because the government still can get it. They just need to be able to convince the appropriate magistrate that they have a good reason. Oh, and they have to be targeting you specifically.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  24. The other side of the coin. by riverat1 · · Score: 1

    Now if we can just protect it from Google spying.

  25. So its now safe for... by 3seas · · Score: 1

    all the terrorists to communicate thru......Now all they have to do is convince the spying government terrorist of it... collect datat for a couple years then leak the hell out of it.... Then we won't have a spying problem anymore.

    The only way to be safe from leaks on the internet is to not make whatever not accessible on or from the internet.

  26. Famous last words by mysidia · · Score: 1

    'pretty sure that information within Google is now safe from any government's prying eyes.

    It doesn't work if their last round of spying got them the root password, and the backdoors planted.

    They can still infiltrate the companies' datacenter employee staff with their own operatives.

    And another mechanism at their disposal -- is, of course, lawful orders together with gag orders.

  27. Re:Google = R+D department of the NSA by Anonymous Coward · · Score: 1

    Man, you almost had a fucking point, till you spouted random unrelated bigotry against Israel.

    Protip: when you have an agenda, and you're trying to make a point, leave your agenda out of it until much later on. Or when it's substantiated.

  28. Safe? by jargonburn · · Score: 2

    Now, if only my data was safe from Google's eyes...

    1. Re:Safe? by LookIntoTheFuture · · Score: 1

      Oh, come on! Mod this up!

      --
      Brave Sir Robin ran away. ("No!") Bravely ran away away. ("I didn't!")
  29. Re:"Pretty sure"? Why should we believe this? by Pastis · · Score: 1

    It's actually pretty interesting to see that the "Percentage of Requests Where Some Data Produced" rate is declining. Broader searches ? or people are getting more anonymous ?

    --
    Sneak teach kids Algebra using a game
  30. Re:Hahahahahahha by data2 · · Score: 1

    AFAIK, they were transferring the data over _their own links_. It's not like anybody else should have had access to it. But they have fixed that now.

  31. So... by FuzzNugget · · Score: 1

    The NSA told them to say this, right? I mean, it's not like we can really know either way, since the trust has been obliterated.

  32. Re:"Pretty sure"? Why should we believe this? by Rich0 · · Score: 1

    They say they need a court order. How do we know they havn't just issued some secret National Security Letter or FISA warrant...

    True, but at least they have to ask for the data now. Before they could just go digging through it.

  33. Re:"Pretty sure"? Why should we believe this? by sjbe · · Score: 1

    I'm not a fan of Google's, but I'm not sure why people are unwilling to recognize this is a significant step in the right direction.

    Because they aren't really going to bat on this. It would be one thing if this was some big surprise to them but the KNOW the government is snooping and their response has been half-hearted at best. Google has a huge war chest to fight the good fight on this. I realize they can't do some things but they aren't doing a lot of things that they can do, including lobbying HARD on this issue. Google isn't the only one. I put just as much blame on Apple and Microsoft and Facebook and the rest of the tech giants. Want to profit on information about us? Fine, then step up and defend us in ways we cannot.

    Before Google took the steps necessary to ensure communications between data centers was secured, the government could (and apparently did) just slurp up everything and troll for information.

    If the government could do it, so could others and I'm pretty sure Google has some people smart enough to realize that. All this means is that if they had the ability to stop this earlier then they were either negligent or incompetent.

  34. Re:"Pretty sure"? Why should we believe this? by sjbe · · Score: 1

    True, but at least they have to ask for the data now. Before they could just go digging through it.

    Who is to say they still can't. With getting all tinfoil hat about it the only thing we have is Google's word on the matter. That's pretty thin.

  35. Re:"Pretty sure"? Why should we believe this? by Rich0 · · Score: 1

    True, but at least they have to ask for the data now. Before they could just go digging through it.

    Who is to say they still can't. With getting all tinfoil hat about it the only thing we have is Google's word on the matter. That's pretty thin.

    Meh, I suspect that if that were their attitude they wouldn't have drawn attention to the issue at all. They were the ones who made a big deal of the government snooping their dedicated lines.

  36. Re:"Pretty sure"? Why should we believe this? by sjbe · · Score: 1

    Meh, I suspect that if that were their attitude they wouldn't have drawn attention to the issue at all.

    Sure they would. They need to assure people, particularly outside the US, that they aren't the US government's sock puppet to make their business look credible. Google has ambitions outside the US you know plus they need to present a good face to their current customers so they don't go elsewhere. Though in reality it probably isn't that simple, you can explain all their actions purely in terms of profit motive. Google is trying to do just enough rather than take the painful step of actually doing the right thing. "Don't be evil" isn't the same thing as "go fight evil".

    They were the ones who made a big deal of the government snooping their dedicated lines.

    Kind of low hanging fruit there. It's like discovering that the NSA has bugged your bedroom. Frankly that is kind of the least of the problems.

  37. The human factor by psydeshow · · Score: 1

    I believe that Google has probably fixed most of the technical issues that allowed NSA (and presumably others) to eavesdrop on data in their systems.

    But a company with the size and scope of Google must be *riddled* with agents of various national intelligence services, not to mention corporate spies. Think about how many engineers they have hired and acquired in the last ten years. They are a big, juicy target for espionage. As is Amazon, Microsoft, Dropbox, and any other global-scale cloud provider with thousands of corporate, education, and government accounts.

    Systems can be made resistant to attack from without, but can they also be made resistant to attack from within? Not likely. How many people on Google's payroll are also on someone else's?